- D-Bus 1.9.6 (UNRELEASED)
-D-Bus 1.8.14 (2015-01-05)
++D-Bus 1.9.6 (2015-01-05)
==
- ...
-The “40lb of roofing nails” release.
++The “I do have a bread knife” release.
+
+ Security hardening:
+
+ • Do not allow calls to UpdateActivationEnvironment from uids other than
+ the uid of the dbus-daemon. If a system service installs unsafe
+ security policy rules that allow arbitrary method calls
+ (such as CVE-2014-8148) then this prevents memory consumption and
+ possible privilege escalation via UpdateActivationEnvironment.
+
+ We believe that in practice, privilege escalation here is avoided
+ by dbus-daemon-launch-helper sanitizing its environment; but
+ it seems better to be safe.
+
+ • Do not allow calls to UpdateActivationEnvironment or the Stats interface
+ on object paths other than /org/freedesktop/DBus. Some system services
+ install unsafe security policy rules that allow arbitrary method calls
+ to any destination, method and interface with a specified object path;
+ while less bad than allowing arbitrary method calls, these security
+ policies are still harmful, since dbus-daemon normally offers the
+ same API on all object paths and other system services might behave
+ similarly.
+
+ Other fixes:
+
+ • Add missing initialization so GetExtendedTcpTable doesn't crash on
+ Windows Vista SP0 (fd.o #77008, Илья А. Ткаченко)
-D-Bus 1.8.12 (2014-11-24)
+D-Bus 1.9.4 (2014-11-24)
==
-The “days of fuchsia passed” release.
+The “extra-sturdy caramel” release.
Fixes:
}
static void
+test_processid (Fixture *f,
+ gconstpointer context)
+{
+ const char *unique = dbus_bus_get_unique_name (f->left_conn);
+ DBusMessage *m = dbus_message_new_method_call (DBUS_SERVICE_DBUS,
+ DBUS_PATH_DBUS, DBUS_INTERFACE_DBUS, "GetConnectionUnixProcessID");
+ DBusPendingCall *pc;
+ DBusError error = DBUS_ERROR_INIT;
+ guint32 pid;
+
+ if (m == NULL)
+ g_error ("OOM");
+
+ if (!dbus_message_append_args (m,
+ DBUS_TYPE_STRING, &unique,
+ DBUS_TYPE_INVALID))
+ g_error ("OOM");
+
+ if (!dbus_connection_send_with_reply (f->left_conn, m, &pc,
+ DBUS_TIMEOUT_USE_DEFAULT) ||
+ pc == NULL)
+ g_error ("OOM");
+
+ dbus_message_unref (m);
+ m = NULL;
+
+ if (dbus_pending_call_get_completed (pc))
+ pending_call_store_reply (pc, &m);
+ else if (!dbus_pending_call_set_notify (pc, pending_call_store_reply,
+ &m, NULL))
+ g_error ("OOM");
+
+ while (m == NULL)
+ test_main_context_iterate (f->ctx, TRUE);
+
+ if (dbus_message_get_args (m, &error,
+ DBUS_TYPE_UINT32, &pid,
+ DBUS_TYPE_INVALID))
+ {
+ g_assert_cmpstr (dbus_message_get_signature (m), ==, "u");
+ assert_no_error (&error);
+
+ g_message ("GetConnectionUnixProcessID returned %u", pid);
+
+#ifdef G_OS_UNIX
+ g_assert_cmpuint (pid, ==, getpid ());
+#elif defined(G_OS_WIN32)
+ g_assert_cmpuint (pid, ==, GetCurrentProcessId ());
+#else
+ g_assert_not_reached ();
+#endif
+ }
+ else
+ {
+ g_assert_cmpstr (error.name, ==, DBUS_ERROR_UNIX_PROCESS_ID_UNKNOWN);
+
+#ifdef PID_SHOULD_WORK
+ g_error ("Expected pid to be passed, but got %s: %s",
+ error.name, error.message);
+#endif
+
+ dbus_error_free (&error);
+ }
+}
+
+static void
+ test_canonical_path_uae (Fixture *f,
+ gconstpointer context)
+ {
+ DBusMessage *m = dbus_message_new_method_call (DBUS_SERVICE_DBUS,
+ DBUS_PATH_DBUS, DBUS_INTERFACE_DBUS, "UpdateActivationEnvironment");
+ DBusPendingCall *pc;
+ DBusMessageIter args_iter;
+ DBusMessageIter arr_iter;
+
+ if (m == NULL)
+ g_error ("OOM");
+
+ dbus_message_iter_init_append (m, &args_iter);
+
+ /* Append an empty a{ss} (string => string dictionary). */
+ if (!dbus_message_iter_open_container (&args_iter, DBUS_TYPE_ARRAY,
+ "{ss}", &arr_iter) ||
+ !dbus_message_iter_close_container (&args_iter, &arr_iter))
+ g_error ("OOM");
+
+ if (!dbus_connection_send_with_reply (f->left_conn, m, &pc,
+ DBUS_TIMEOUT_USE_DEFAULT) ||
+ pc == NULL)
+ g_error ("OOM");
+
+ dbus_message_unref (m);
+ m = NULL;
+
+ if (dbus_pending_call_get_completed (pc))
+ pending_call_store_reply (pc, &m);
+ else if (!dbus_pending_call_set_notify (pc, pending_call_store_reply,
+ &m, NULL))
+ g_error ("OOM");
+
+ while (m == NULL)
+ test_main_context_iterate (f->ctx, TRUE);
+
+ /* it succeeds */
+ g_assert_cmpint (dbus_message_get_type (m), ==,
+ DBUS_MESSAGE_TYPE_METHOD_RETURN);
+
+ dbus_message_unref (m);
+
+ /* Now try with the wrong object path */
+ m = dbus_message_new_method_call (DBUS_SERVICE_DBUS,
+ "/com/example/Wrong", DBUS_INTERFACE_DBUS, "UpdateActivationEnvironment");
+
+ if (m == NULL)
+ g_error ("OOM");
+
+ dbus_message_iter_init_append (m, &args_iter);
+
+ /* Append an empty a{ss} (string => string dictionary). */
+ if (!dbus_message_iter_open_container (&args_iter, DBUS_TYPE_ARRAY,
+ "{ss}", &arr_iter) ||
+ !dbus_message_iter_close_container (&args_iter, &arr_iter))
+ g_error ("OOM");
+
+ if (!dbus_connection_send_with_reply (f->left_conn, m, &pc,
+ DBUS_TIMEOUT_USE_DEFAULT) ||
+ pc == NULL)
+ g_error ("OOM");
+
+ dbus_message_unref (m);
+ m = NULL;
+
+ if (dbus_pending_call_get_completed (pc))
+ pending_call_store_reply (pc, &m);
+ else if (!dbus_pending_call_set_notify (pc, pending_call_store_reply,
+ &m, NULL))
+ g_error ("OOM");
+
+ while (m == NULL)
+ test_main_context_iterate (f->ctx, TRUE);
+
+ /* it fails, yielding an error message with one string argument */
+ g_assert_cmpint (dbus_message_get_type (m), ==, DBUS_MESSAGE_TYPE_ERROR);
+ g_assert_cmpstr (dbus_message_get_error_name (m), ==,
+ DBUS_ERROR_ACCESS_DENIED);
+ g_assert_cmpstr (dbus_message_get_signature (m), ==, "s");
+
+ dbus_message_unref (m);
+ }
+
+ static void
teardown (Fixture *f,
gconstpointer context G_GNUC_UNUSED)
{
g_test_add ("/echo/session", Fixture, NULL, setup, test_echo, teardown);
g_test_add ("/echo/limited", Fixture, &limited_config,
setup, test_echo, teardown);
+ g_test_add ("/no-reply/disconnect", Fixture, NULL,
+ setup, test_no_reply, teardown);
+ g_test_add ("/no-reply/timeout", Fixture, &finite_timeout_config,
+ setup, test_no_reply, teardown);
g_test_add ("/creds", Fixture, NULL, setup, test_creds, teardown);
+ g_test_add ("/processid", Fixture, NULL, setup, test_processid, teardown);
+ g_test_add ("/canonical-path/uae", Fixture, NULL,
+ setup, test_canonical_path_uae, teardown);
return g_test_run ();
}